No VPN connection possible using new Rogers Ignite Cable Modem/Router

I recently moved from a regular Rogers Gigabit connection with Hitron cable modem to a newer Rogers 1000u TG3482ER3 cable modem as a part of moving to Ignite TV service. However, now my laptop wont connect to my work VPN when I use (and only when I use) an internet connection through my new Rogers modem/router. Other internet connections work just fine with my VPN on the same laptop (e.g. via a mobile hotspot or internet cafe).

Is Rogers blocking my VPN traffic through my router? Do I need to set something up on the router gateway configuration to make this work?

@oegunal have you stepped thru the various user interface pages in the modem to check for a VPN passthrough page where you can enable the given types of VPNs. I haven't seen this modem so I'm not sure if there is a VPN passthrough page which is equivalent to the page that is found in the Hitron modems. Did you have to enable any VPN passthrough with the previous Hitron modem?

That's certainly concerning to hear! To my knowledge there's nothing that would stop VPN connectivity within the firmware of the Ignite Modem but I can appreciate wanting to get to the bottom of this asap. There's a few things we can cover to get a better understanding.

Can you confirm for me if you're using your own router?
Are you able to ping your VPN server?
Have you set up port forwarding for your VPN service? Though UPnP should handle the majority of common port requirements, it's possible it may not have done so for your VPN. Given that it's a work VPN it's likely an IPSec VPNs and would require UDP port 500 (IKE) forwarded, as well as protocols 50 (ESP) and 51 (AH) opened.

Hi RogersAndy,I'm using the Rogers provided cable modem/router. My work VPN is setup such that it does not respond to pings (for extra security). I tried setting-up port forwarding for PPTP (1723) and -- upon your suggestion -- I also tried 500. Doesn't seem to work. Also, the port forwarding configuration in this router does not have the ability to specify a "protocol", so I'm not entirely sure what to do with the "50" and "51". I tried putting my laptop in the DMZ (documentation states "Configure DMZ to allow a single computer on your LAN to open all of its ports.") Didn't work. I tried turning off the router firewalls for ipv4 and ipv6. Didn't work.

I know that I dont have an issue at home on mine.I am able to connect my private one at home just fine (PIA, using their client)I am also able to connect to my work fine, using the Cisco Anyconnect client.

Are you able to get some guidance from your VPN provider or team in your enterprise - they may be somewhat reluctant, but the reality is that Ignite and its modems are here to stay, at least in the interim, so it could be to their benefit to have a discussion with Rogers in order to develop a solution.

Problem with VPN's in general, is they tend to be specifically set up in each organization in their own desired way to promote the highest levels of security (the reason it is there in the first place), and sometimes the provider, in house or outside contractor has chosen a specific method that may need their support to move forward. At least that was my case, a long time ago when my corporate IT team used an external provider, as security was out of our scope.

Good luck - it seems that there are growing pains with the support of the new Ignite modems to VPN's, but so far in my reading (I am not on VPN or Ignite, but do use a public open VPN service still) is that with some struggles, solutions have been found for each of the unique situations as they arise - Maybe if you could find out from your team what VPN setup and protocols they are working with, that is if they are willing to be public about it, as some are not requiring them to do the debugging of this type of issue.

@oegunal fwiw VPNs thru Hitron (Puma 6) modems have been a pain from day one, so, I'm not surprised that you're having problems with the Puma 7 modem.

There is another modem that has apparently been released by Rogers for the Ignite TV, which is the Technicolor (XB6) CGM4140. It should be functionally the same, but, in this case its built with the Broadcom BCM 3390 chipset instead of Intel's Puma 7. So, I just spoke with one of the Ignite TV tech support reps .... apparently you're not the only one having issues with a VPN and the Arris XB6. These modems are not carried in the Rogers store. What you will have to do is call tech support and ask the Customer Support Rep to generate a work order to have a tech drop by with the Technicolor XB6. You will definitely have to explain that the VPN is not functioning with the Arris XB6 in place, so, its time to move to plan B. Hopefully you won't get any static about this. There doesn't appear to be any VPN Pass-Through in the Arris XB6 as there is in the Hitron Puma 6 and 7 modems.

There is no guarantee that this will work. No one has reported within the forum that they have a Technicolor XB6 installed, and whether or not they have any issues with it. The modem itself should simply be a better modem, as its not a bolted together Puma chipset, but, whether or not it runs VPNs without issue is a complete unknown.

Beyond that, you would have to consider running the modem in Bridge mode which Rogers isn't supporting, and put up with any issues that might arise with the Ignite TV service as a result of the modem operating in Bridge mode. You would have to install a router to run the modem in Bridge mode.

One experiment that you can try, and I don't often recommend this, is to flip the modem into Bridge mode and after it kicks over, connect the pc and start the vpn. The instant that you see that the VPN either works or it doesn't, log back into the modem and kick it back into Gateway mode, or, simply disconnect the pc and call tech support to kick the modem back over to Gateway mode. Option 2 keeps the pc's exposure to the internet to a minimum. While its connected the pc has to protect itself as the modem doesn't provide a firewall in Bridge mode, so this should be done for a very short term test, personal opinion. That test, if it works, would indicate that the modem will support the VPN when its in Bridge mode. As I indicated above, I don't recommend this very often, so, if you're not comfortable doing it, don't do it. Just proceed with chasing tech support to provide the Technicolor XB6.

If neither modem works, then you'll have to make a choice, Ignite TV or VPN. This will probably be resolved at some point, just a question of when.